Most government IT workers believe identity management
is critical to their organizations, but view cost as a major obstacle, a new survey from Quest Software concludes.
The survey indicated that while 69 percent of government IT professionals believe identity management is already “very important” to their agency, 72 percent think its importance will increase over the next five years.
Meanwhile, the concerns over compromised critical public infrastructure were greater among local government IT officials than their counterparts in federal or state agencies.
Also, the vast majority of government IT professionals report that their agencies complied with the following steps: secured information systems (76 percent), secured personnel information (72 percent), and secured access to facilities (75 percent).
However, over one-third of the agencies “don't know” when they will be compliant with the government mandates on security management.
Even so, initiatives -- such as the Homeland Security Presidential Directive (HSPD)-12, a program for identifying and authenticating federal workers -- have brought identity management to the forefront over the past four years.
“With real business and technology challenges confronting agencies, identity management is an increasingly important issue that demands attention,” Paul Garver, vice president of Quest's Public Sector division, told SCMagazineUS.com on Tuesday. “The survey confirmed what we've been hearing from many of our government customers: HSPD-12 is about more than just the card. It represents the ability to get into the building. It represents the ability to sign on to the workstation, to gain access to applications with the rights and privileges you should have.”
Respondents to the survey cite lack of funds as the main obstacle in agency's ability to reach their identity and security management objectives. More than half believe Congress needs to increase funding to allow agencies to better implement management projects.
Another problem could come with heterogeneous infrastructures. The survey showed that more than half of respondents report that this type of environment -- consisting of mixed platforms and applications -- is “challenging” for their agency's identity management system.
“This finding has major implications for agencies trying to develop a unified system because inherent in heterogeneous IT environments is increased complexity and increased potential for compliance violations and security degradations,” Garver said.
Experts said the survey shows that IT departments must show how identity management improvements will benefit the entire organization.
“The survey casts necessary attention on the complex business and technology challenges confronting government agencies as they work to achieve identity management requirements, which will only increase in importance,” said Scott Hastings, partner at consulting firm Deep Water Point and former chief information officer of the federal Homeland Security and Justice departments. “To bolster their business cases, government IT professionals must employ solutions that address the entire enterprise and demonstrate incremental progress in security and privacy enhancements that generate real operational benefits.”